European lawmakers have approved a resolution that calls for US anti-terrorism investigators to be denied access to the global banking database, SWIFT. The decision followed revelations about American spying activities.
Lawmakers in the Brussels parliament voted by 280 to 254 in favor of the resolution on Wednesday to suspend US access to the global database because of concerns that the powers were being abused. There were 30 abstentions.
The vote followed leaks by former US intelligence operative Edward Snowden, which suggested that the US National Security Agency (NSA) used the Belgium-based system of international bank transfers, SWIFT, to snoop on the EU.

An Austrian student is taking Ireland’s data protection watchdog to court after the privacy regulator declined to investigate allegations that Facebook allowed US spooks to slurp its data.

The Irish privacy office, headed up by data protection commissioner Billy Hawkes, told The Register that judicial review proceedings were now underway. It said:

** In line with the [High] Court’s procedures, that request was dealt with on an ‘ex parte’ basis, i.e. the Commissioner was not present in Court, and the request was uncontested.

Now that the matter is the subject of ongoing court proceedings, this Office is not in a position to comment on the matter, other than to confirm that we will be vigorously defending our position.

**
Max Schrems, a long-time critic of Facebook’s perceived privacy-lite business practices in Europe who fronts the “europe-v-facebook” group, said he took action after Hawkes had dismissed his complaint.

Lawyers for a man described by the FBI as being the largest facilitator of child porn on the planet

have mounted a fresh challenge to have him prosecuted in Ireland instead.
You have to wonder about any case where the FBI are using that kind of language to prosecute someone.

Why? Are you suggesting that Freedom Hosting did not knowingly host a large proportion of the world’s child porn sites at the time?

Ive no idea about this case and am just reacting to the headline that the FBI are pushing. Seems strange that there is one big child porn source, I would have thought that it would have been fairly decentralized.

Ive no idea about this case and am just reacting to the headline that the FBI are pushing. Seems strange that there is one big child porn source, I would have thought that it would have been fairly decentralized.

The P2P stuff is decentralised, but the web stuff not so much. The ISP/hosting industry worldwide has done so much work on eradicating this stuff (80-90% of material removed within 7 days of reporting) that when the bad guys find a hoster willing to ignore takedown notices they’re like flies on shit. (Useless stats: there have only ever been two instances of CP hosted in Ireland to my knowledge).

Interestingly developed countries like Holland, US and Canada are by far the biggest source of web-based CP, presumably because of the sheer number of cheap hosting companies and the number of cloud services hosting there; it’s like playing whack-a-mole.

One of the problems with the Darknet stuff is that it’s presumably not going to show in the official INHOPE stats for CP reporting (yes there are official stats on this sort of thing); the sort of people who find CP on dark net sites are unlikely to report it to their local Hotline/law enforcement.

Freedom Hosting got a reputation for hosting this stuff and was quite long-lived, so it would not surprise me at all if they had a significant portion of the market.

Victory for tech giants on EU data laws
By James Fontanella-Khan in Brussels

Google, Facebook and other US tech giants have won an important victory against EU efforts to restrict the sharing of customer data after UK Prime Minister David Cameron persuaded the bloc to postpone the introduction of tougher privacy rules by at least a year.
The climbdown is a blow to advocates of stricter data protection standards, especially as it comes amid an international scandal that has seen the US accused of snooping on EU leaders including German Chancellor Angela Merkel and millions of European citizens.

British Prime Minister David Cameron has issued a veiled threat against media organizations, calling on The Guardian and other outlets to stop publishing the disclosures leaked by National Security Agency whistleblower Edward Snowden.

The Guardian first began its ongoing series based on the Snowden leaks in June, when far-reaching clandestine activity of the American NSA and British Government Communication Headquarters (GCHQ) were made public. UK lawmakers have not yet been “heavy handed,” the prime minister said, but if media does not cease such publication soon the government could soon crack down.

He suggested the government may employ D-Notices, official requests asking editors not to publish news items for national security reasons, if the coverage goes on.

The Internet giants Facebook and Google privacy issue have achieved success. An EU directive for strengthening the users’ rights of EU citizens has been postponed to 2015. Until then, the data the user can continue to be passed on fully to U.S. intelligence.

The Real Privacy ProblemAs Web companies and government agencies analyze ever more information about our lives, it’s tempting to respond by passing new privacy laws or creating mechanisms that pay us for our data. Instead, we need a civic solution, because democracy is at risk.
By Evgeny Morozov on October 22, 2013

Most proposals for enhancing our privacy treat it as an end in itself. Instead we need to be talking about how to best stimulate democracy—a balancing act that laws or market mechanisms can’t achieve alone.

In 1967, The Public Interest, then a leading venue for highbrow policy debate, published a provocative essay by Paul Baran, one of the fathers of the data transmission method known as packet switching. Titled “The Future Computer Utility,” the essay speculated that someday a few big, centralized computers would provide “information processing … the same way one now buys electricity.”

Our home computer console will be used to send and receive messages—like telegrams. We could check to see whether the local department store has the advertised sports shirt in stock in the desired color and size. We could ask when delivery would be guaranteed, if we ordered. The information would be up-to-the-minute and accurate. We could pay our bills and compute our taxes via the console. We would ask questions and receive answers from “information banks”—automated versions of today’s libraries. We would obtain up-to-the-minute listing of all television and radio programs … The computer could, itself, send a message to remind us of an impending anniversary and save us from the disastrous consequences of forgetfulness.

It took decades for cloud computing to fulfill Baran’s vision. But he was prescient enough to worry that utility computing would need its own regulatory model. Here was an employee of the RAND Corporation—hardly a redoubt of Marxist thought—fretting about the concentration of market power in the hands of large computer utilities and demanding state intervention. Baran also wanted policies that could “offer maximum protection to the preservation of the rights of privacy of information”:

Highly sensitive personal and important business information will be stored in many of the contemplated systems … At present, nothing more than trust—or, at best, a lack of technical sophistication—stands in the way of a would-be eavesdropper … Today we lack the mechanisms to insure adequate safeguards. Because of the difficulty in rebuilding complex systems to incorporate safeguards at a later date, it appears desirable to anticipate these problems.

Sharp, bullshit-free analysis: techno-futurism has been in decline ever since.

Three years ago, security consultant Dragos Ruiu was in his lab when he noticed something highly unusual: his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused. He also found that the machine could delete data and undo configuration changes with no prompting. He didn’t know it then, but that odd firmware update would become a high-stakes malware mystery that would consume most of his waking hours.

The packet capture shown in these new NSA slides shows internal database replication traffic for the anti-hacking system I worked on for over two years. Specifically, it shows a database recording a user login as part of this system:

Recently +Brandon Downey , a colleague of mine on the Google security team, said (after the usual disclaimers about being personal opinions and not speaking for the firm which I repeat here) - “fuck these guys”:

I now join him in issuing a giant Fuck You to the people who made these slides. I am not American, I am a Brit, but it’s no different - GCHQ turns out to be even worse than the NSA.

We designed this system to keep criminals out . There’s no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we’ve got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason .

Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement, we therefore do what internet engineers have always done - build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.

Thank you Edward Snowden. For me personally, this is the most interesting revelation all summer.